CISA, DOE Warn of Attacks on Uninterruptible Power Supply (UPS) Devices
Take UPS management interfaces off the Internet "immediately," agencies say.
Threat actors are hacking Internet-connected uninterruptible power supply (UPS) devices, typically via default username and password combinations, the Cybersecurity and Infrastructure Security Agency (CISA) and Department of Energy (DoE) warned this week in a joint alert.
The federal agencies recommend immediately removing UPS devices from the public Internet and ensuring that their management interface is behind a VPN or other security controls if it's accessible via the Internet.
Change any factory-default passwords and employ multifactor authentication and strong passwords, CISA and DOE recommended in their alert.
About the Author(s)
You May Also Like
Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024